1audit_binfile(5)      Standards, Environments, and Macros     audit_binfile(5)
2
3
4

NAME

6       audit_binfile - generation of Solaris audit logs
7

SYNOPSIS

9       /usr/lib/security/audit_binfile.so
10
11

DESCRIPTION

13       The  audit_binfile  plugin  module  for  Solaris  audit, /usr/lib/secu‐
14       rity/audit_binfile.so, writes binary audit data to files as  configured
15       in  audit_control(4);  it  is  the default plugin for the Solaris audit
16       daemon auditd(1M). Its output is described by audit.log(4).
17
18
19       The audit_binfile plugin is loaded by auditd if audit_control  contains
20       one or more lines defining audit directories by means of the dir: spec‐
21       ification  or  if  audit_control  has  a   plugin:   specification   of
22       name=audit_binfile.so.
23

OBJECT ATTRIBUTES

25       The  p_dir and p_minfree attributes are equivalent to the dir: and min‐
26       free: lines described in audit_control. If both the dir: line  and  the
27       p_dir  attribute  are  used, the plugin combines all directories into a
28       single list with those specified by means of dir: at the front  of  the
29       list.  If  both the minfree and the p_minfree attributes are given, the
30       p_minfree value is used.
31
32
33       The p_fsize attribute defines the maximum size in bytes that  an  audit
34       file  can become before it is automatically closed and a new audit file
35       opened. This is equivalent to an administrator issuing an audit -n com‐
36       mand  when  the  audit file contains the specified number of bytes. The
37       default size is zero (0), which allows the file to grow without  bound.
38       The   value   specified   must   be   within  the  range  of  [512,000,
39       2,147,483,647].
40

EXAMPLES

42       The following directives cause audit_binfile.so to be  loaded,  specify
43       the  directories  for writing audit logs, and specify the percentage of
44       required free space per directory.
45
46         flags: lo,ad,-fm
47         naflags: lo,ad
48         plugin: name=audit_binfile.so;\
49         p_minfree=20;\
50         p_dir=/var/audit/jedgar/eggplant,\
51         /var/audit/jedgar.aux/eggplant,\
52         /var/audit/global/eggplant
53
54
55

ATTRIBUTES

57       See attributes(5) for a description of the following attributes:
58
59
60
61
62       ┌─────────────────────────────┬─────────────────────────────┐
63       │      ATTRIBUTE TYPE         │      ATTRIBUTE VALUE        │
64       ├─────────────────────────────┼─────────────────────────────┤
65       │MT Level                     │MT-Safe                      │
66       ├─────────────────────────────┼─────────────────────────────┤
67       │Interface Stability          │Committed                    │
68       └─────────────────────────────┴─────────────────────────────┘
69

SEE ALSO

71       auditd(1M), audit_control(4), syslog.conf(4), attributes(5)
72
73
74       System Administration Guide: Security Services
75
76
77
78SunOS 5.11                        24 Jun 2009                 audit_binfile(5)